Data retrieval APIs for AWS IAM Identity Center
AWS IAM Identity Center provides the following APIs for data retrieval.
| Actions | Description | Access level |
|---|---|---|
| DescribeAccountAssignmentCreationStatus | Describe the status of the assignment creation request | Read |
| DescribeAccountAssignmentDeletionStatus | Describe the status of an assignment deletion request | Read |
| DescribeApplication | Obtain information about an application | Read |
| DescribeApplicationAssignment | Retrieve an application assignment | Read |
| DescribeApplicationProvider | Describe an application provider | Read |
| DescribeInstance | Obtain information about an identity center instance | Read |
| DescribeInstanceAccessControlAttributeConfiguration | Get the list of attributes used by the instance for ABAC | Read |
| DescribePermissionSet | Describe a permission set | Read |
| DescribePermissionSetProvisioningStatus | Describe the status for the given Permission Set Provisioning request | Read |
| DescribeRegion | Retrieve configuration details for a specific IAM Identity Center instance region | Read |
| DescribeRegisteredRegions | Obtain the regions where your organization has enabled AWS IAM Identity Center | Read |
| DescribeTrustedTokenIssuer | Describe a trusted token issuer for an instance | Read |
| GetApplicationAccessScope | Get an access scope to an application | Read |
| GetApplicationAssignmentConfiguration | Read assignment configurations for an application | Read |
| GetApplicationAuthenticationMethod | Get an authentication method to an application | Read |
| GetApplicationGrant | Obtain details about a grant belonging to an application | Read |
| GetApplicationInstance | Retrieve details for an application instance | Read |
| GetApplicationSessionConfiguration | Get session configuration for an application | Read |
| GetApplicationTemplate | Retrieve application template details | Read |
| GetInlinePolicyForPermissionSet | Obtain the inline policy assigned to the permission set | Read |
| GetManagedApplicationInstance | Retrieve details for an application instance | Read |
| GetMfaDeviceManagementForDirectory | Retrieve Mfa Device Management settings for the directory | Read |
| GetPermissionSet | Retrieve details of a permission set | Read |
| GetPermissionsBoundaryForPermissionSet | Get permissions boundary for a permission set | Read |
| GetProfile | Retrieve a profile for an application instance | Read |
| GetSSOStatus | Check if AWS IAM Identity Center is enabled | Read |
| GetSharedSsoConfiguration | Retrieve shared configuration for the current SSO instance | Read |
| GetSsoConfiguration | Retrieve configuration for the current SSO instance | Read |
| GetTrust | Retrieve the federation trust in a target account | Read |
| ListAccountAssignmentCreationStatus | List the status of the AWS account assignment creation requests for a specified SSO instance | List |
| ListAccountAssignmentDeletionStatus | List the status of the AWS account assignment deletion requests for a specified SSO instance | List |
| ListAccountAssignments | List the assignee of the specified AWS account with the specified permission set | List |
| ListAccountAssignmentsForPrincipal | List accounts assigned to user or group | List |
| ListAccountsForProvisionedPermissionSet | List all the AWS accounts where the specified permission set is provisioned | List |
| ListApplicationAccessScopes | List access scopes to an application | List |
| ListApplicationAssignments | List application assignments | List |
| ListApplicationAssignmentsForPrincipal | List applications assigned to user or group | List |
| ListApplicationAuthenticationMethods | List authentication methods to an application | List |
| ListApplicationGrants | List grants from an application | List |
| ListApplicationInstanceCertificates | Retrieve all of the certificates for a given application instance | Read |
| ListApplicationInstances | Retrieve all application instances | List |
| ListApplicationProviders | List application providers | List |
| ListApplicationTemplates | Retrieve all supported application templates | List |
| ListApplications | Retrieve all applications associated with the instance of IAM Identity Center | List |
| ListCustomerManagedPolicyReferencesInPermissionSet | List the customer managed policy references that are attached to a permission set | List |
| ListDirectoryAssociations | Retrieve details about the directory connected to AWS IAM Identity Center | Read |
| ListInstances | List the SSO Instances that the caller has access to | List |
| ListManagedPoliciesInPermissionSet | List the AWS managed policies that are attached to a specified permission set | List |
| ListPermissionSetProvisioningStatus | List the status of the Permission Set Provisioning requests for a specified SSO instance | List |
| ListPermissionSets | Retrieve all permission sets | List |
| ListPermissionSetsProvisionedToAccount | List all the permission sets that are provisioned to a specified AWS account | List |
| ListProfileAssociations | Retrieve the directory user or group associated with the profile | Read |
| ListProfiles | Retrieve all profiles for an application instance | List |
| ListRegions | List all regions configured for an IAM Identity Center instance | List |
| ListTagsForResource | List the tags that are attached to a specified resource | Read |
| ListTrustedTokenIssuers | List trusted token issuers for an instance | List |
| SearchGroups | Search for groups within the associated directory | Read |
| SearchUsers | Search for users within the associated directory | Read |
